Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/687cd5-6345-4f64-be46-ede70c8ed513/1/LKyEzuxXs1-jlTSuIwCa6oICOao.mft
File: LKyEzuxXs1-jlTSuIwCa6oICOao.mft (raw, json)
Hash identifier: jVoINEdWjP1HkjBkVNMv8zEMbG7fFUEC2UDUwlD5igk=
Subject key identifier: C7:C3:5F:4E:4F:EF:65:8B:9F:AB:99:E1:79:B4:5A:A4:92:9F:42:BD
Authority key identifier: 2C:AC:84:CE:EC:57:B3:5F:A3:95:34:AE:23:00:9A:EA:82:02:39:AA
Certificate issuer: /CN=2cac84ceec57b35fa39534ae23009aea820239aa
Certificate serial: 019874F48C096C95403D511DAB884932BEC6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LKyEzuxXs1-jlTSuIwCa6oICOao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/687cd5-6345-4f64-be46-ede70c8ed513/1/LKyEzuxXs1-jlTSuIwCa6oICOao.mft
Manifest number: 083D
Signing time: Mon 04 Aug 2025 12:00:40 +0000
Manifest this update: Mon 04 Aug 2025 12:00:40 +0000
Manifest next update: Tue 05 Aug 2025 12:00:40 +0000
Files and hashes: 1: LKyEzuxXs1-jlTSuIwCa6oICOao.crl (hash: zDkQaZzm95cIajE4OUo0hwI+jEd53qFNPsU975NtTJY=)
2: cj0dff8EdsGG8DaopETeofzcldw.roa (hash: 06o/5+ZmJQt03Z2LLNo5k4a7U1bSw5gDTRAuW+tjkok=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/04/687cd5-6345-4f64-be46-ede70c8ed513/1/LKyEzuxXs1-jlTSuIwCa6oICOao.crl
rsync://rpki.ripe.net/repository/DEFAULT/04/687cd5-6345-4f64-be46-ede70c8ed513/1/LKyEzuxXs1-jlTSuIwCa6oICOao.mft
rsync://rpki.ripe.net/repository/DEFAULT/LKyEzuxXs1-jlTSuIwCa6oICOao.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:74:f4:8c:09:6c:95:40:3d:51:1d:ab:88:49:32:be:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2cac84ceec57b35fa39534ae23009aea820239aa
Validity
Not Before: Aug 4 12:00:40 2025 GMT
Not After : Aug 5 12:00:40 2025 GMT
Subject: CN=c7c35f4e4fef658b9fab99e179b45aa4929f42bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:f8:11:91:ee:bf:5d:e1:0f:de:bf:3f:54:64:
3a:74:9a:77:46:94:da:b8:a1:75:c7:e1:bd:52:ed:
00:0c:16:28:b8:ff:ad:ef:10:e4:eb:04:a2:ce:c4:
c3:86:97:0e:f5:9f:c3:6a:5a:88:c2:c4:06:98:8b:
ec:24:7e:3f:37:5b:3e:21:8f:94:98:2b:f2:06:59:
7f:92:40:cc:54:20:fd:6f:02:92:ab:54:55:6c:5c:
57:90:7b:0b:d0:c7:9f:2c:4a:cb:a9:ab:5d:87:67:
f9:d5:ea:21:10:b7:c1:26:70:45:f7:b3:d1:89:88:
c8:9d:7c:44:65:06:6c:f6:e7:e3:f4:b7:39:14:85:
95:7c:c8:6a:7f:5d:97:20:b3:5d:16:6b:3e:70:40:
cf:d6:ae:48:ed:dd:0e:7b:5b:00:de:5d:cb:aa:60:
30:4a:7b:4a:91:d2:35:73:db:0d:3b:32:61:eb:14:
21:fe:a0:65:4b:0a:e2:d1:5d:f1:95:12:93:ab:19:
05:55:db:b5:a2:62:3f:6f:42:11:2b:73:c7:b2:59:
22:52:e6:52:93:da:7e:15:57:75:3e:a3:e6:1c:cd:
42:4e:9e:ff:8b:fa:22:e8:bd:09:e9:33:3a:27:98:
33:c0:12:ae:52:15:b2:86:e4:ac:dd:b9:81:11:62:
60:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:C3:5F:4E:4F:EF:65:8B:9F:AB:99:E1:79:B4:5A:A4:92:9F:42:BD
X509v3 Authority Key Identifier:
keyid:2C:AC:84:CE:EC:57:B3:5F:A3:95:34:AE:23:00:9A:EA:82:02:39:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LKyEzuxXs1-jlTSuIwCa6oICOao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/687cd5-6345-4f64-be46-ede70c8ed513/1/LKyEzuxXs1-jlTSuIwCa6oICOao.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/687cd5-6345-4f64-be46-ede70c8ed513/1/LKyEzuxXs1-jlTSuIwCa6oICOao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
aa:f3:2b:9e:4f:a9:64:89:6a:20:8a:1a:88:8e:ca:5b:ee:cd:
c4:af:b6:95:e8:22:37:d7:9c:cc:e5:be:3a:cb:72:29:40:9e:
c5:c3:02:de:86:9d:f6:7a:eb:bb:e2:14:7d:76:c6:83:fc:c8:
54:30:6c:a7:5e:da:49:69:01:28:2f:d9:28:d7:81:c2:ea:1c:
34:c8:3b:e8:04:67:9e:d0:35:42:a1:a3:8f:4b:5d:27:91:bb:
3a:a8:3d:92:9a:db:35:88:b8:cf:1c:e1:d3:ff:78:22:bf:cd:
0d:88:ec:86:6f:76:b5:ac:d2:16:ec:1c:d3:f0:9c:6c:f0:8e:
b8:1f:35:3a:78:ec:cd:68:2c:b3:aa:f5:e2:85:38:09:aa:1a:
de:54:e8:81:51:6d:b8:29:84:78:f4:ce:bb:be:09:ef:b0:70:
73:a7:79:e0:63:7b:c3:31:1f:ff:84:00:c1:ba:da:ff:ad:a9:
d4:e4:a0:64:d4:70:e2:d6:d9:5c:5f:f3:e0:6e:f1:c0:1b:79:
c9:73:ed:d3:1e:08:a5:bd:d9:bf:ad:f9:cb:f4:84:ab:98:7f:
5e:12:61:2b:b2:29:44:9a:b9:98:b6:04:79:74:e6:06:2d:25:
dd:44:a7:18:e0:f4:6e:d5:72:3f:3d:d0:b1:0a:81:db:d8:1f:
23:51:cc:16
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh09IwJbJVAPVEdq4hJMr7GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjYWM4NGNlZWM1N2IzNWZhMzk1MzRhZTIzMDA5YWVhODIw
MjM5YWEwHhcNMjUwODA0MTIwMDQwWhcNMjUwODA1MTIwMDQwWjAzMTEwLwYDVQQD
EyhjN2MzNWY0ZTRmZWY2NThiOWZhYjk5ZTE3OWI0NWFhNDkyOWY0MmJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl/gRke6/XeEP3r8/VGQ6dJp3RpTa
uKF1x+G9Uu0ADBYouP+t7xDk6wSizsTDhpcO9Z/DalqIwsQGmIvsJH4/N1s+IY+U
mCvyBll/kkDMVCD9bwKSq1RVbFxXkHsL0MefLErLqatdh2f51eohELfBJnBF97PR
iYjInXxEZQZs9ufj9Lc5FIWVfMhqf12XILNdFms+cEDP1q5I7d0Oe1sA3l3LqmAw
SntKkdI1c9sNOzJh6xQh/qBlSwri0V3xlRKTqxkFVdu1omI/b0IRK3PHslkiUuZS
k9p+FVd1PqPmHM1CTp7/i/oi6L0J6TM6J5gzwBKuUhWyhuSs3bmBEWJgwwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMfDX05P72WLn6uZ4Xm0WqSSn0K9MB8GA1UdIwQY
MBaAFCyshM7sV7Nfo5U0riMAmuqCAjmqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTEt5RXp1eFhzMS1qbFRTdUl3Q2E2b0lDT2FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC82ODdjZDUtNjM0NS00ZjY0LWJlNDYt
ZWRlNzBjOGVkNTEzLzEvTEt5RXp1eFhzMS1qbFRTdUl3Q2E2b0lDT2FvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC82ODdjZDUtNjM0NS00ZjY0LWJlNDYtZWRlNzBjOGVkNTEz
LzEvTEt5RXp1eFhzMS1qbFRTdUl3Q2E2b0lDT2FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqvMrnk+p
ZIlqIIoaiI7KW+7NxK+2legiN9eczOW+OstyKUCexcMC3oad9nrru+IUfXbGg/zI
VDBsp17aSWkBKC/ZKNeBwuocNMg76ARnntA1QqGjj0tdJ5G7Oqg9kprbNYi4zxzh
0/94Ir/NDYjshm92tazSFuwc0/CcbPCOuB81OnjszWgss6r14oU4Caoa3lTogVFt
uCmEePTOu74J77Bwc6d54GN7wzEf/4QAwbra/62p1OSgZNRw4tbZXF/z4G7xwBt5
yXPt0x4Ipb3Zv635y/SEq5h/XhJhK7IpRJq5mLYEeXTmBi0l3USnGOD0btVyPz3Q
sQqB29gfI1HMFg==
-----END CERTIFICATE-----
Generated at Mon Aug 4 19:08:39 2025 by rpki-client